• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2022-29253

February 23, 2023 by godfreyd94

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with “..” in it. The issue is patched in versions 14.0 and 13.10.3. There is no easy workaround for this issue.

CVE-2022-2926

February 23, 2023 by godfreyd94

The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory

CVE-2022-29298

February 23, 2023 by godfreyd94

SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal.

CVE-2022-2922

February 23, 2023 by godfreyd94

Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0.

CVE-2022-29097

February 23, 2023 by godfreyd94

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.

CVE-2022-29062

February 23, 2023 by godfreyd94

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to write to the underlying filesystem with nginx permissions via crafted HTTP requests.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 472
  • Go to page 473
  • Go to page 474
  • Go to page 475
  • Go to page 476
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE